
Special Identities

Windows and AD DS also support special
identities, which are groups for which membership
is controlled by the operating system. You cannot
view the groups in any list (in Active Directory
Users and Computers, for example), you cannot
view or modify the membership of these special
identities, and you cannot add them to other
groups. You can, however, use these groups to
assign rights and permissions.

The most important special identities—often called groups (for convenience)—are described in the
following list:
• Anonymous Logon. This identity represents connections to a computer and its resources that are
made without supplying a user name and password. Before Windows Server 2003, this group was a
member of the Everyone group. Beginning with Windows Server 2003, this group is no longer a
default member of the Everyone group.
• Authenticated Users. This represents identities that are authenticated. This group does not include
Guest, even if the Guest account has a password.
• Everyone. This identity includes Authenticated Users and the Guest account. (On computers that are
running versions of the Windows Server operating system that precede Windows Server 2003, this
group includes Anonymous Logon.)
• Interactive. This represents users who access a resource while logged on locally to the computer
that is hosting the resource, as opposed to accessing the resource over the network. When a user
accesses any given resource on a computer to which the user is logged on locally, the user is added
automatically to the Interactive group for that resource. Interactive also includes users who log on
through a Remote Desktop connection.
• Network. This represents users who access a resource over the network, as opposed to users who are
logged on locally at the computer that is hosting the resource. When a user accesses any given
resource over the network, the user is added automatically to the Network group for that resource.
• Creator Owner. This represents the security principal that created an object.
The importance of these special identities is that you can use them to provide access to resources based
on the type of authentication or connection, rather than the user account. For example, you could create
a folder on a system that allows users to view its contents when they are logged on locally to the system,
but that does not allow the same users to view the contents from a mapped drive over the network. You
could achieve this by assigning permissions to the Interactive special identity.
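
The local-only folder described above can be configured as follows. This is an added example, not part of the original text; the folder path is a constructed placeholder, and the script assumes an elevated PowerShell session on an NTFS volume.

```powershell
# Added example: C:\Data\LocalOnly is a constructed placeholder path.
$Path = 'C:\Data\LocalOnly'
New-Item -ItemType Directory -Path $Path -Force | Out-Null

# Refer to special identities by well-known SID so the script does not
# depend on the display language of the operating system.
$interactive = New-Object System.Security.Principal.SecurityIdentifier('S-1-5-4')      # Interactive
$admins      = New-Object System.Security.Principal.SecurityIdentifier('S-1-5-32-544') # BUILTIN\Administrators
$system      = New-Object System.Security.Principal.SecurityIdentifier('S-1-5-18')     # SYSTEM

$acl = Get-Acl -Path $Path

# Block inheritance and drop inherited entries. Otherwise a broad grant
# inherited from the parent (for example to Users) would still admit
# sessions that arrive over the network.
$acl.SetAccessRuleProtection($true, $false)

# Remove any explicit entries left on the folder from earlier configuration.
foreach ($rule in @($acl.Access | Where-Object { -not $_.IsInherited })) {
    [void]$acl.RemoveAccessRule($rule)
}

$rights  = [System.Security.AccessControl.FileSystemRights]
$inherit = [System.Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit'
$prop    = [System.Security.AccessControl.PropagationFlags]::None
$allow   = [System.Security.AccessControl.AccessControlType]::Allow

# Interactive gets read access: only tokens created by a local (or Remote
# Desktop) logon carry this SID, so a mapped-drive session does not match.
# Administrators and SYSTEM keep full control so the folder stays manageable;
# note that this entry applies to administrators on any connection type.
$entries = @(
    @{ Sid = $interactive; Rights = $rights::ReadAndExecute },
    @{ Sid = $admins;      Rights = $rights::FullControl },
    @{ Sid = $system;      Rights = $rights::FullControl }
)
foreach ($e in $entries) {
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
        $e.Sid, $e.Rights, $inherit, $prop, $allow)
    $acl.AddAccessRule($rule)
}
Set-Acl -Path $Path -AclObject $acl

# Review the result: three explicit entries, none inherited.
(Get-Acl -Path $Path).Access |
    Select-Object IdentityReference, FileSystemRights, AccessControlType, IsInherited
```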
